The University's Executive Compliance Committee (ECC) has made a policy change that requires all commodity servers to be physically or virtually located in the University Data Center. Such a change helps to address a number of risks that the committee has been monitoring over the years. Note: The policy change has been published and in effect September 01, 2014.
More details on the policy change can be found at: http://security.utexas.edu/policies/irusp.html#section_5_23_4
Commodity servers are defined as systems providing basic information technology services to university affiliates (e.g., web services, mail services, file services, database services, directory services, collaboration services).
There were roughly 600 commodity servers identified as having high-volume activity that were located outside of the University Data Center. The ECC has asked the Information Security Office to work with each affected unit on the final disposition of each server.
Collaboration Services
University Wiki Service
Database Services (MySQL)
MySQL is an open source relational database management system (RDBMS). It is commonly used for database services for other open source and web applications.
https://www.utexas.edu/its/mysql/
Features:
- 1 gigabyte of storage space on the central MySQL database servers.
- Daily Backups with two week retention.
- Ability to safely store Category-I data in databases.
- Access to phpMyAdmin and the MySQL command line client for database management and administration.
- Access to the ITS Systems MySQL team for advice and troubleshooting.
- Access to commercial MySQL support via the ITS Systems MySQL team.
Cost:
The MySQL database service is available at no cost for departments for up to six named databases. Additional named databases can be purchased in quantities of six for an additional $150 per year. Additional storage space is $7 per gigabyte per year.
MySQL Order Form: https://www.utexas.edu/its/mysql/forms/
MySQL Help: https://www.utexas.edu/its/help/mysql
Directory Services
A directory service is a system system that stores, organizes and provides access to information in a directory. It allows the look-up of values given a name, similar to a dictionary. In a directory, a name may be associated with multiple, different pieces of information.
Examples:
- Lightweight Directory Access Protocol (LDAP)
- Network Information Services (NIS)
- Domain Name Systems (DNS)
A mechanism in place for user account creation and management within an infrastructure and/or service (e.g. mail, web, computer access)
File Services (storage)
Austin Disk Services (https://www.utexas.edu/its/storage/)
Features:
- Meets the minimum standards set by ISO for storing Category I Data using IPSec, secure WebDAV, or SFTP to connect. Please see the SLA before storing protected research data on Austin Disk
- Automatically synchronize work you do offline with austin.utexas.edu any time you log on with the Offline Folders feature of Microsoft Windows
- Automatically backs up your files three times per day to ensure your data is secure
- Two week retention period
- Supports end-user recovery of backups with compatible clients (machine must be on the Austin Domain)
- Works best with Windows
Cost:
Effective September 1, 2013, the cost for individual Austin Disk shares will be $2.00 per GB per year, a drop from the previous $2.80 per GB per year. Individuals can purchase disk space online in 1 GB increments, up to 20 GB. Departments can also purchase disk space online, with a minimum allocation of 50 GB, at an annual rate of $140 per 50 GB allotment.
Austin Disk Support: https://www.utexas.edu/its/help/storage
UT Enterprise Bulk Storage (UTEBS)
Service description
UT Enterprise Bulk Storage is a cost-effective, reliable, self-managed, iSCSI-based, storage solution. The UT Enterprise Bulk Storage arrays are housed in the University Data Centers (UDC) and are accessible via 10Gb network interfaces within the University Data Centers. UT Enterprise Bulk Storage is provisioned in 512GB units, with a starting minimum of 1024GB (1TB).
Customers must manage access client protocols, such as CIFS, NFS, and AFP via a server front-end. It is required that customer servers are located within UDC-C to connect to UT Enterprise Bulk Storage.
Features:
- High bandwidth connectivity within the University Data Centers
- Compatible with other ITS services: UT Virtual (UT-V), CrashPlan server backup
- Highly reliable due to a fault-tolerant hardware architecture
- Scalable storage framework to meet storage growth on campus
Cost:
Each 1 GB costs $0.40 per year. Storage is available for purchase in 512 GB increments, with a starting minimum of 1024GB (1TB) and maximum of 10752GB (10.5TB).
Data Protection
UT Enterprise Bulk Storage provides the following options for Data Protection:
Single Copy Option:
- No backup service/redundant copy is provided natively.
- Customer is responsible for data backup and any costs associated with data backups.
- Customer data will be unavailable during all published Full, Partial or Emergency maintenance events.
Note: A Mirrored Copy option is available, but doubles the cost per GB. It is preferred that servers mounting UT Enterprise Bulk Storage are located in the University Data Center.
Bulk Storage SLA: https://www.utexas.edu/its/sla/sla.php?id=1609
UTBackup
UTBackup provides an enterprise-level, centralized, and automated digital data backup solution for the UT Austin campus. For end users, UTBackup assures peace of mind that their data is being backed up safely and securely. UTBackup is available for current UT faculty and staff who have departmental technical support.
Features
- Cross-platform: UTBackup supports Windows, Macintosh, and Linux platforms
- Allows for data restoration from any computer with a network connection and internet browser
- 100GB (faculty) and 20GB (staff) of compressed, de-duplicated backup storage quota is provided per device per year.
- Physical storage devices are housed in a secure location and monitored 24/7 (See Cost - Option 1 below)
- University owned systems used by students under the advisement of faculty may qualify for the no-cost 100GB backup solution
Mail Services
UTmail
UTmail provides UT Austin students and alumni with a university affiliated email address in the @utexas.edu domain. Those who opt-in to the service can choose their email address and have 25+ GB of email storage. In addition, UTmail provides email for life.
Features
- email account on the @utexas.edu domain.
- 25+ GB storage.
- Choose your own account name.
- Keep your email address for life!
- Information Security Office (ISO) approved Google Drive Integration with Canvas using your UTmail account.
Cost
UTmail is available at no cost to current UT Austin students, alumni, faculty, staff and retirees.
UTmail FAQs
http://www.utexas.edu/its/utmail/FAQs
Note: creating customized domains within UTmail is currently restricted by the UT Google site administrators
Office 365
Features
- 50 GB mailboxes
- Web access via Outlook Web App (OWA)
- Mobile App access
- Integrated address book and shared calendar through Outlook
- Secure access, security audits, service continuity, intrusion monitoring and high availability.
Cost
Office 365 will be available at no cost to current University of Texas at Austin faculty and staff.
Note: Custom domains or alias are being investigated. Academic staff (TA, GRAs, etc) could potentially be included. This is not a "for life" email account. The email account will be processed for deletion when university affiliation no longer exists. Permanent forwarding of email is also being investigated.
Web Services
University Blog Service
The University Blog Service is available for use by faculty, staff, and students. The service uses the WordPress platform. Blogs can be created by, and are available for individuals, groups, projects, or departments.
This service does not meet the FERPA requirements for hosting Category I data and should not be used for course-related purposes.
Features
- Log in with your UT EID login information
- Control the visibility of your blog
- Customize the look of your blog with one of over 50 available themes
- Track statistics, including how many people have visited your blog
- A Web address in the utexas.edu domain
- Can keep existing @ ece.utexas.edu domain/URL
Note: WordPress creates the content for you through a GUI front-end. You can't use JavaScript or CSS, and you're limited in HTML
Cost
University Blog Service is available at no cost to faculty, staff, and students.
University Blog Service - Help
Google Sites (UTMail Account)
https://sites.google.com/a/utexas.edu
- Write your website in HTML, CSS, or JavaScript
- You can take full advantage of the 25GB of storage available in a UTmail account.
- Limited to current domain name structure
UT Web (replacing Web Central)
https://www.utexas.edu/its/utweb/forms/
UT Web is a Unix-based shared Web hosting environment for The University of Texas at Austin that will replace the current Web Central service.
Web publishing on UT Web is available for colleges, schools, and departments that need to create websites that require Unix-based technologies such as PHP or CGI scripting. Colleges, schools, and departments may provide hosting space to their community members. All users must have a current UT affiliation to log in to the service.
The UT Web LAMP solutions stack is suitable for static HTML pages as well as dynamic websites and applications. LAMP is an acronym for the open-source software packages that include: Linux, Apache, MySQL, and PHP. Read about the UT Web technical specifications.
Specifications
The UT Web LAMP stack uses the open-source software packages:
- Red Hat Enterprise Linux (RHEL) 6
- Apache HTTP server version 2.2
- MySQL version 5.6 (local installations)
- PHP programming language versions 5.3 and 5.4
Technical Features
- Virtualmin Web Panel for self-service site management
- Access to phpMyAdmin and the MySQL command-line client
- 1-click Drupal Installer
- 1-click WordPress Installer
- Self-managed file backups and recovery
- Unix shell access via UT EID
- Access to raw log files
- Access to both Git and SVN version control tools
- CGI Scripting
Campus Connections
Users can connect to campus developer resources outside of UT Web, including:
- UTLogin
- Enterprise MySQL
- Enterprise Oracle
- UT Forge Subversion Repository
- XML Gateway for Mainframe connectivity
- TED & Austin Active Directory LDAP Services
Cost
UT Web hosting is available to university departments at no cost.
Exception Process
You should consider structuring your exceptions around the following:
http://security.utexas.edu/policies/irusp.html#section_5_19
- business case for exception
- physical controls for exception
- logical controls for exception
What is meant by logical controls?
According to the Information Security Office (ISO), logical security controls would consist of implementing permissions, logging, and auditing mechanisms for access to unattended systems. For example, physical access of the "server room" should have an Access Control System in place to track who has access to a particular area, and logs when an individual has entered the controlled area.
Exception Form: https://security.utexas.edu/exception/
In the last field of the exception form,
University Affiliates
University affiliates are individuals who have relationships with The University of Texas at Austin outside of traditional employment. The incumbent can be paid or unpaid, and may have a university affiliate assignment in addition to other assignments at the university. They may be individuals who need access to university services, such as laboratories or parking privileges, and prior to HRMS, received these accesses through 0% appointments or through Official Visitor letters. Not all university affiliates require access to university services; designating the most appropriate level of privileges determines eligibility and access to services for all incumbents assigned to a position.
University Affiliate Assignment Requirements
Very Special Note on Affiliates
Beginning May 19, 2014, all persons who lose eligibility due to their affiliation change (departure) with the university will lose eligibility for certain university services, such as a AEMS/Office 365 mailbox, personal Austin Disk services, WebCentral services, etc. For example, users with an active AEMS/Office 365 will receive a notice that their mailbox has been locked and will be removed in 30 days if no action is taken. As a result, the group member will not be able to send, receive, or access messages from AEMS/Office 365.
For students, this does not include UT Mail (via Google). Exceptions can be made for faculty who have departed from the university, depending on their continued interaction with the department, university, or status (e.g. Emeritus)